The CentOS Linux provides information about security flaws that affect the operating system components and services in the form of security advisories. Keeping the system updated and ensuring no security flaws is an OKR of any Linux Sysadmin.
In this article we will look at how you can update installed packages on your CentOS system for security. This is necessary if you have critical applications running in production and have fears on application breaking as a result of dependencies upgrade.
You can list the security updates available for your CentOS 8 Linux machine with the following command:
sudo yum updateinfo list updates security
Install Security updates only on CentOS 8 Linux
If you want to display the list of security updates which have been installed on the system use this command:
$ sudo yum updateinfo list security installed
To install all security updates, use the command:
sudo yum update --security
Please Note that without the
--security parameter, the yum command will install all updates that include bug fixes and enhancements.
Confirm the installation by pressing the y key:
....... Transaction Summary =========================================== Upgrade ... Packages Total download size: ... M Is this ok [y/d/N]: y
You can confirm if a restart is required by any processes after installing the updated packages:
sudo yum needs-restarting
If you want to lock updates to a specific release of CentOS Linux, set release first:
sudo subscription-manager release --list sudo subscription-manager release --set=<release>
You can then conform the updates were successful and enjoy running CentOS Linux with the latest security updates.
More on CentOS Linux.